Draft proxmox proxy support + route53

3 files changed, 24 insertions, 4 deletions

diff --git a/personal_infra/puppet/modules/proxmox/manifests/proxy.pp b/personal_infra/puppet/modules/proxmox/manifests/proxy.pp
index 65f93cb6..2a07c44c 100644
--- a/personal_infra/puppet/modules/proxmox/manifests/proxy.pp
+++ b/personal_infra/puppet/modules/proxmox/manifests/proxy.pp
@@ -21,7 +21,7 @@ class proxmox::proxy ($mail, $base_hostname) {
 
   file {'/etc/apache2/sites-enabled/test.conf':
     content => @("EOT")
-    MDomain $base_hostname
+    MDomain $base_hostname auto
     MDCertificateAgreement accepted
     MDContactEmail $mail
     MDNotifyCmd /usr/local/bin/notify_md_renewal
diff --git a/personal_infra/puppet/modules/proxmox/manifests/proxy_host.pp b/personal_infra/puppet/modules/proxmox/manifests/proxy_host.pp
new file mode 100644
index 00000000..33b28de0
--- /dev/null
+++ b/personal_infra/puppet/modules/proxmox/manifests/proxy_host.pp
@@ -0,0 +1,15 @@
+define proxmox::proxy_host (String[1] $target) {
+  file {"/etc/apache2/sites-enabled/$title.conf":
+    content => @("EOT")
+      MDomain $title
+
+      <VirtualHost *:443>
+        ServerName $title
+        SSLEngine on
+      </VirtualHost>
+    | EOT
+    ,
+  }
+  ~>
+  Service['apache2']
+}
diff --git a/personal_infra/puppet/site/h1.pdp7.net.pp b/personal_infra/puppet/site/h1.pdp7.net.pp
index ef0ff1ea..b64871c1 100644
--- a/personal_infra/puppet/site/h1.pdp7.net.pp
+++ b/personal_infra/puppet/site/h1.pdp7.net.pp
@@ -1,11 +1,16 @@
 node 'h1.pdp7.net' {
   class {'proxmox::freeipa':}
+  class {'dns_dhcp':}
+
+  # TODO: ugly; tinc scripts require this :(
+  package {'net-tools':}
+
   class {'proxmox::proxy':
     mail => lookup('mail.root_mail'),
     base_hostname => lookup('network.public_hostname'),
   }
-  class {'dns_dhcp':}
 
-  # TODO: ugly; tinc scripts require this :(
-  package {'net-tools':}
+  proxmox::proxy_host {'ipsilon-test.pdp7.net':
+    target => 'ipsilon-test.h1.int.pdp7.net',
+  }
 }